Fix path normalization in auparse
Resolves: rhbz#2062824 - auparse missing information when used with --format-text
This commit is contained in:
parent
296acef39f
commit
c5b6e5e335
31
audit-3.0.8-auparse-path-norm.patch
Normal file
31
audit-3.0.8-auparse-path-norm.patch
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
From becc1c297279f757835943e2cad63992134511f9 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Sergio Correia <scorreia@redhat.com>
|
||||||
|
Date: Mon, 7 Mar 2022 13:11:09 -0300
|
||||||
|
Subject: [PATCH] auparse: fix off-by-one issue in path_norm() (#242)
|
||||||
|
|
||||||
|
When defining dest = rpath + 1, we end up having the first char of
|
||||||
|
`dest' as NULL -- since `rpath' points to `working', which is a static
|
||||||
|
buffer.
|
||||||
|
|
||||||
|
With the first char as NULL, path_norm() ends up producing an empty string.
|
||||||
|
|
||||||
|
This commit fixes the issue reported in this [1] mailing list post.
|
||||||
|
|
||||||
|
[1] https://listman.redhat.com/archives/linux-audit/2022-February/018844.html
|
||||||
|
---
|
||||||
|
auparse/interpret.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/auparse/interpret.c b/auparse/interpret.c
|
||||||
|
index c8a0d96dd..df593c44c 100644
|
||||||
|
--- a/auparse/interpret.c
|
||||||
|
+++ b/auparse/interpret.c
|
||||||
|
@@ -895,7 +895,7 @@ static char *path_norm(const char *name)
|
||||||
|
return strdup(name);
|
||||||
|
|
||||||
|
rpath = working;
|
||||||
|
- dest = rpath + 1;
|
||||||
|
+ dest = rpath;
|
||||||
|
rpath_limit = rpath + PATH_MAX;
|
||||||
|
|
||||||
|
for (start = name; *start; start = end) {
|
@ -2,7 +2,7 @@
|
|||||||
Summary: User space tools for kernel auditing
|
Summary: User space tools for kernel auditing
|
||||||
Name: audit
|
Name: audit
|
||||||
Version: 3.0.7
|
Version: 3.0.7
|
||||||
Release: 101%{?dist}
|
Release: 102%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
URL: http://people.redhat.com/sgrubb/audit/
|
URL: http://people.redhat.com/sgrubb/audit/
|
||||||
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
|
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
|
||||||
@ -10,6 +10,7 @@ Source1: https://www.gnu.org/licenses/lgpl-2.1.txt
|
|||||||
|
|
||||||
Patch1: 0001-Add-ausysrulevalidate.patch
|
Patch1: 0001-Add-ausysrulevalidate.patch
|
||||||
Patch2: audit-3.0.7-gcc-flags.patch
|
Patch2: audit-3.0.7-gcc-flags.patch
|
||||||
|
Patch3: audit-3.0.8-auparse-path-norm.patch
|
||||||
|
|
||||||
BuildRequires: make gcc swig
|
BuildRequires: make gcc swig
|
||||||
BuildRequires: openldap-devel
|
BuildRequires: openldap-devel
|
||||||
@ -93,6 +94,7 @@ Management Facility) database, through an IBM Tivoli Directory Server
|
|||||||
cp %{SOURCE1} .
|
cp %{SOURCE1} .
|
||||||
%patch1 -p1
|
%patch1 -p1
|
||||||
%patch2 -p1
|
%patch2 -p1
|
||||||
|
%patch3 -p1
|
||||||
autoreconf -fv --install
|
autoreconf -fv --install
|
||||||
|
|
||||||
# Remove the ids code, its not ready
|
# Remove the ids code, its not ready
|
||||||
@ -261,6 +263,10 @@ fi
|
|||||||
%attr(750,root,root) %{_sbindir}/audispd-zos-remote
|
%attr(750,root,root) %{_sbindir}/audispd-zos-remote
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Sun Mar 13 2022 Sergio Correia <scorreia@redhat.com> - 3.0.7-102
|
||||||
|
- Fix path normalization in auparse
|
||||||
|
Resolves: rhbz#2062824 - auparse missing information when used with --format-text
|
||||||
|
|
||||||
* Tue Feb 22 2022 Sergio Correia <scorreia@redhat.com> - 3.0.7-101
|
* Tue Feb 22 2022 Sergio Correia <scorreia@redhat.com> - 3.0.7-101
|
||||||
- Adjust sample-rules dir permissions
|
- Adjust sample-rules dir permissions
|
||||||
Resolves: rhbz#2054432 - /usr/share/audit/sample-rules is no longer readable by non-root users
|
Resolves: rhbz#2054432 - /usr/share/audit/sample-rules is no longer readable by non-root users
|
||||||
|
Loading…
Reference in New Issue
Block a user